On January 12, the International Consumer Electronics Show (CES) in Las Vegas closed its doors for another year. Each CES raises a new set of technology themes, ranging from robots to smart fridges — and this year, the winner was voice technologies. Such technologies, while not entirely new, are now becoming mainstream: sales of smart speakers like Amazon’s Echo more than tripled in 2017, and it is now estimated that one in six Americans own a smart speaker. It is always difficult to predict the future, but voice enabled cars, home appliances, and other devices are all either on the way or already on the market, and the potential for voice interfaces to become new “platforms” — supporting third party services just like smartphones supported apps — is now clear to us all.

On the other side of the Atlantic, however, policymakers are going in another direction. The European Union’s Council, made up of representatives of the 28 EU Member State governments, has been hard at work negotiating its preferred version of the next EU privacy law beyond the General Data Protection Regulation, known as the E-Privacy Regulation (EPR). Just as the GDPR is built upon a predecessor law, the Data Protection Directive, so too is the EPR envisaged as an update to an existing law, the E-Privacy Directive.

The EPR is still a draft, and subject to further revision. However, many of its key features are already largely clear. One of the main purposes of the EPR is to “level the playing field” between traditional (e.g., copper, fibre, mobile and satellite -based) telecommunications providers and new upstart technology providers (for example, those offering instant messaging or VoIP communication services), so that all market players are bound by the same privacy rules. In practice, this likely means that rules previously limiting how telecommunications companies can use certain types of communication data will be expanded to cover a much greater range of technology provider. As a result, many technology providers previously outside the scope of the legacy E-Privacy Directive may well find themselves regulated by the EPR.

Where the EPR applies, it is likely to significantly limit how voice communications data can be used.

The EPR proposes a broad prohibition on the processing of electronic communications data in Article 5, except for use by end-users of communication systems, or where otherwise permitted in the EPR.

The EPR then sets out grounds for processing in Article 6. These grounds are far more limited, however, than the array of options provided for in Article 6 of the GDPR. For example, the legitimate interest grounds; the grounds of processing that is necessary for performance of a contract; and even the grounds of processing where necessary for the vital interests of an individual, are all absent. Instead, in many cases, the only grounds available to providers to process voice communications will be consent — of either one end-user, or, in some cases, both. Even where consent applies, additional requirements — such as prior consultation with a data protection authority — may also apply.

The EPR also sets out strict limits on the retention of electronic communications data in Article 7 (although deletion of covered data does not appear to be required where grounds under Article 6 continue to apply).

The upshot is that the EPR may, if adopted as drafted, set out significant limits on the ability of providers to collect and/or use electronic communications data — including many voice communications — for purposes such as product research, design, refinement, and development. Providers, hard at work generating new products and features, should look up and take note.

Ezra Steinhardt is an associate in the technology and media group in the London office. His practice encompasses data privacy, information technology, international trade, and legislative advocacy.

Mr. Steinhardt advises leading internet, technology and pharmaceutical companies and trade consortia on a diverse range of regulatory compliance and law reform issues. This includes policy advocacy and strategic advice on data protection and data security, consumer protection, interception of communications, copyright, and other internet-...

You are responsible for reading, understanding and agreeing to the National Law Review's (NLR’s) and the National Law Forum LLC's Terms of Use and Privacy Policy before using the National Law Review website. The National Law Review is a free to use, no-log in database of legal and business articles. The content and links on www.NatLawReview.com are intended for general information purposes only. Any legal analysis, legislative updates or other content and links should not be construed as legal or professional advice or a substitute for such advice. No attorney-client or confidential relationship is formed by the transmission of information between you and the National Law Review website or any of the law firms, attorneys or other professionals or organizations who include content on the National Law Review website. If you require legal or professional advice, kindly contact an attorney or other suitable professional advisor.

Some states have laws and ethical rules regarding solicitation and advertisement practices by attorneys and/or other professionals. The National Law Review is not a law firm nor is www.NatLawReview.com intended to be a referral service for attorneys and/or other professionals. The NLR does not wish, nor does it intend, to solicit the business of anyone or to refer anyone to an attorney or other professional. NLR does not answer legal questions nor will we refer you to an attorney or other professional if you request such information from us.

Under certain state laws the following statements may be required on this website and we have included them in order to be in full compliance with these rules. The choice of a lawyer or other professional is an important decision and should not be based solely upon advertisements. Attorney Advertising Notice: Prior results do not guarantee a similar outcome. Statement in compliance with Texas Rules of Professional Conduct. Unless otherwise noted, attorneys are not certified by the Texas Board of Legal Specialization, nor can NLR attest to the accuracy of any notation of Legal Specialization or other Professional Credentials.

The National Law Review - National Law Forum LLC 4700 Gilbert Ave. Suite 47 #230 Western Springs, IL 60558 Telephone (708) 357-3317 If you would ike to contact us via email please click here.